include/mbedtls/cmac.h - third_party/github/ARMmbed/mbedtls - Git at Google

 /**
  * \file cmac.h
  *
  * \brief The CMAC Mode for Authentication
  *
  *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
  *  SPDX-License-Identifier: Apache-2.0
  *
  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
  *  not use this file except in compliance with the License.
  *  You may obtain a copy of the License at
  *
  *  http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing, software
  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
  *  This file is part of mbed TLS (https://tls.mbed.org)
  */
 #ifndef MBEDTLS_CMAC_H
 #define MBEDTLS_CMAC_H

 #include "cipher.h"

 #define MBEDTLS_ERR_CMAC_BAD_INPUT      -0x0011 /**< Bad input parameters to function. */
 #define MBEDTLS_ERR_CMAC_VERIFY_FAILED  -0x0013 /**< Verification failed. */
 #define MBEDTLS_ERR_CMAC_ALLOC_FAILED   -0x0015 /**< Failed to allocate memory */


 #ifdef __cplusplus
 extern "C" {
 #endif

 /**
  * \brief          CMAC context structure
  */
 typedef struct {
     mbedtls_cipher_context_t cipher_ctx;    /*!< cipher context used */
     unsigned char* K1; /*!< CMAC Subkey 1 */
     unsigned char* K2; /*!< CMAC Subkey 2 */
 }
 mbedtls_cmac_context;

 /**
  * \brief           Initialize CMAC context (just makes references valid)
  *                  Makes the context ready for mbedtls_cmac_setkey() or
  *                  mbedtls_cmac_free().
  *
  * \param ctx       CMAC context to initialize
  */
 void mbedtls_cmac_init( mbedtls_cmac_context *ctx );

 /**
  * \brief           Initialize the CMAC context
  *
  * \param ctx       CMAC context to be initialized
  * \param cipher    cipher to use
  * \param key       encryption key
  * \param keybits   encryption key size in bits (must be acceptable by the cipher)
  *
  * \return          0 if successful, or a cipher specific error code
  */
 int mbedtls_cmac_setkey( mbedtls_cmac_context *ctx,
                          mbedtls_cipher_id_t cipher,
                          const unsigned char *key,
                          unsigned int keybits );

 /**
  * \brief           Free a CMAC context and underlying cipher sub-context
  *                  Securely wipes sub keys and other sensitive data.
  *
  * \param ctx       CMAC context to free
  */
 void mbedtls_cmac_free( mbedtls_cmac_context *ctx );

 /**
  * \brief           Generate a CMAC tag.
  *
  * \param ctx       CMAC context
  * \param input     buffer holding the input data
  * \param in_len    length of the input data in bytes
  * \param tag       buffer for holding the generated tag
  * \param tag_len   length of the tag to generate in bytes
  *                  Must be 2, 4, 6, 8 if cipher block size is 64
  *                  Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 128
  *
  * \return          0 if successful
  */
 int mbedtls_cmac_generate( mbedtls_cmac_context *ctx,
                            const unsigned char *input, size_t in_len,
                            unsigned char *tag, size_t tag_len );

 /**
  * \brief           Verify a CMAC tag.
  *
  * \param ctx       CMAC context
  * \param input     buffer holding the input data
  * \param in_len    length of the input data in bytes
  * \param tag       buffer holding the tag to verify
  * \param tag_len   length of the tag to verify in bytes
  *                  Must be 2, 4, 6, 8 if cipher block size is 64
  *                  Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 128
  * \return          0 if successful and authenticated
  *                  MBEDTLS_ERR_CMAC_VERIFY_FAILED if tag does not match
  */
 int mbedtls_cmac_verify( mbedtls_cmac_context *ctx,
                          const unsigned char *input, size_t in_len,
                          const unsigned char *tag, size_t tag_len );

 #ifdef MBEDTLS_AES_C
 /**
  * \brief           AES-CMAC-128-PRF
  *                  See RFC 4615 for details
  *
  * \param key       PRF key
  * \param key_len   PRF key length
  * \param input     buffer holding the input data
  * \param in_len    length of the input data in bytes
  * \param tag       buffer holding the tag to verify (16 bytes)
  *
  * \return          0 if successful
  */
 int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
                               const unsigned char *input, size_t in_len,
                               unsigned char tag[16] );
 #endif /* MBEDTLS_AES_C */

 #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
 /**
  * \brief          Checkup routine
  *
  * \return         0 if successful, or 1 if the test failed
  */
 int mbedtls_cmac_self_test( int verbose );
 #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */

 #ifdef __cplusplus
 }
 #endif

 #endif /* MBEDTLS_CMAC_H */
	/**
	* \file cmac.h
	*
	* \brief The CMAC Mode for Authentication
	*
	* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
	* SPDX-License-Identifier: Apache-2.0
	*
	* Licensed under the Apache License, Version 2.0 (the "License"); you may
	* not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*
	* This file is part of mbed TLS (https://tls.mbed.org)
	*/
	#ifndef MBEDTLS_CMAC_H
	#define MBEDTLS_CMAC_H

	#include "cipher.h"

	#define MBEDTLS_ERR_CMAC_BAD_INPUT -0x0011 /*< Bad input parameters to function. /
	#define MBEDTLS_ERR_CMAC_VERIFY_FAILED -0x0013 /*< Verification failed. /
	#define MBEDTLS_ERR_CMAC_ALLOC_FAILED -0x0015 /*< Failed to allocate memory /


	#ifdef __cplusplus
	extern "C" {
	#endif

	/**
	* \brief CMAC context structure
	*/
	typedef struct {
	mbedtls_cipher_context_t cipher_ctx; /!< cipher context used /
	unsigned char* K1; /!< CMAC Subkey 1 /
	unsigned char* K2; /!< CMAC Subkey 2 /
	}
	mbedtls_cmac_context;

	/**
	* \brief Initialize CMAC context (just makes references valid)
	* Makes the context ready for mbedtls_cmac_setkey() or
	* mbedtls_cmac_free().
	*
	* \param ctx CMAC context to initialize
	*/
	void mbedtls_cmac_init( mbedtls_cmac_context *ctx );

	/**
	* \brief Initialize the CMAC context
	*
	* \param ctx CMAC context to be initialized
	* \param cipher cipher to use
	* \param key encryption key
	* \param keybits encryption key size in bits (must be acceptable by the cipher)
	*
	* \return 0 if successful, or a cipher specific error code
	*/
	int mbedtls_cmac_setkey( mbedtls_cmac_context *ctx,
	mbedtls_cipher_id_t cipher,
	const unsigned char *key,
	unsigned int keybits );

	/**
	* \brief Free a CMAC context and underlying cipher sub-context
	* Securely wipes sub keys and other sensitive data.
	*
	* \param ctx CMAC context to free
	*/
	void mbedtls_cmac_free( mbedtls_cmac_context *ctx );

	/**
	* \brief Generate a CMAC tag.
	*
	* \param ctx CMAC context
	* \param input buffer holding the input data
	* \param in_len length of the input data in bytes
	* \param tag buffer for holding the generated tag
	* \param tag_len length of the tag to generate in bytes
	* Must be 2, 4, 6, 8 if cipher block size is 64
	* Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 128
	*
	* \return 0 if successful
	*/
	int mbedtls_cmac_generate( mbedtls_cmac_context *ctx,
	const unsigned char *input, size_t in_len,
	unsigned char *tag, size_t tag_len );

	/**
	* \brief Verify a CMAC tag.
	*
	* \param ctx CMAC context
	* \param input buffer holding the input data
	* \param in_len length of the input data in bytes
	* \param tag buffer holding the tag to verify
	* \param tag_len length of the tag to verify in bytes
	* Must be 2, 4, 6, 8 if cipher block size is 64
	* Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 128
	* \return 0 if successful and authenticated
	* MBEDTLS_ERR_CMAC_VERIFY_FAILED if tag does not match
	*/
	int mbedtls_cmac_verify( mbedtls_cmac_context *ctx,
	const unsigned char *input, size_t in_len,
	const unsigned char *tag, size_t tag_len );

	#ifdef MBEDTLS_AES_C
	/**
	* \brief AES-CMAC-128-PRF
	* See RFC 4615 for details
	*
	* \param key PRF key
	* \param key_len PRF key length
	* \param input buffer holding the input data
	* \param in_len length of the input data in bytes
	* \param tag buffer holding the tag to verify (16 bytes)
	*
	* \return 0 if successful
	*/
	int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
	const unsigned char *input, size_t in_len,
	unsigned char tag[16] );
	#endif /* MBEDTLS_AES_C */

	#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) \|\| defined(MBEDTLS_DES_C) )
	/**
	* \brief Checkup routine
	*
	* \return 0 if successful, or 1 if the test failed
	*/
	int mbedtls_cmac_self_test( int verbose );
	#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C \|\| MBEDTLS_DES_C ) */

	#ifdef __cplusplus
	}
	#endif

	#endif /* MBEDTLS_CMAC_H */